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FINAL ACTION 

1 . Amendment A has been entered into record. 

2. Claims 1,15, 23, and 25 lias been amended. Claim 24 is canceled. Claims 
1-13 and 25 are pending. 

Claim Rejections - 35 USC §112 

The following is a quotation of the first paragraph of 35 U.S.C. 112: 

The specification sinall contain a written description of tlie invention, and of the manner and 
process of making and using it, in such full, clear, concise, and exact terms as to enable any 
person skilled in the art to which it pertains, or with which it is most nearly connected, to make 
and use the same and shall set forth the best mode contemplated by the Inventor of carrying 
out his invention. 

3. Claim 1 is rejected under 35 U.S.C. 112, first paragraph, as failing to 
comply with the written description requirement. The claim(s) contains subject 
matter which was not described in the specification in such a way as to 
reasonably convey to one skilled in the relevant art that the inventor(s), at the 
time the application was filed, had possession of the claimed invention. 
Examiner submits applicant's newly added limitation, "access to the object for 
the additional user defines additional relationship characteristics that grant 
access to additional objects being held by the additional user " is not 
described in applicant's original disclosure in such a way to reasonably convey to 
one skilled in the relevant art that the inventor(s), at the time the application was 
filed, had possession of the claimed invention. 
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Claim Objections 

4. Claim 25 is objected to because of the following informalities: Examiner 
recommends applicant change newly added claim limitation, "the invalid 
relationship path" to "an invalid relationship path" for limitation conciseness. 
Appropriate correction is required. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 
U.S.C. 102 that form the basis for the rejections under this section made in this 
Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in 
public use or on sale in this country, more than one year prior to the date of application for patent in 
the United States. 

5. Claims 1 , 4-9, 1 3-1 5, and 1 8-22 are rejected under 35 U.S.C. 1 02(b) as 
being anticipated by Montague et al. (US Patent No. 5,675,782 and Montague 
hereinafter). 

6. As to claim 1 , Montague teaches a method for regulating access to an 
object comprising the steps of: 

for a plurality of users, allowing each user to designate (i.e., modify) the 
relationship characteristics (i.e., access permission) between that user and any 
other user [col. 6, lines 53-55]; 
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identifying (i.e., specifies) one (i.e., eacli) of tine plurality of users (i.e., 
trustee) as an owner (i.e., access rights) of the object (i.e., entity) [col. 6, lines 
31-35]; 

determining if a selected one of the plurality of users has access (i.e., user 
having appropriate permission) to the object by determining if the relationship 
characteristics on at least one path between the selected one of the plurality of 
users and the owner of the object is a trusted relationship (i.e., database of 
trustees having access permission) between each of the users on that path, 
where said path includes at least one additional user (i.e., additional trustee 
capture in database with access permission) beside said owner (i.e., user) of the 
object (i.e., entity) and the selected one of the plurality of users [col. 6, lines 40- 
46] and access to the object for the additional user defines additional relationship 
characteristics that grant access to additional objects being held by the additional 
user (i.e., ... teaches provide user enablement to add additional trustees to the 
list of trustees for access permission to object[fig. 5]). 

7. As to claim 4, Montague teaches a method for regulating access to an 
object where the owner (i.e., operating system/server) of an object may 
designate another user (i.e., trustee) as acting on behalf of the owner (i.e., 
operating system/server) [col. 6, lines 31-35]. 

8. As to claim 5, Montague teaches a method for regulating access to an 
object where the relationship characteristics (i.e., access permission) include a 
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trust relationship between the trusted user (i.e., trustee) and the designating user 
(i.e., operating system/server) [col. 6, lines 31-35]. 

9. As to claim 6, Montague teaches a method for regulating access to an 
object where the relationship characteristics (i.e., access permissions) include a 
trust relationship between the trusted user and the designating user (i.e., 
operating system/server), where the trust relationship limits (i.e., access rights) 
the tasks the trusted user (i.e., trustee) may perform [col. 6, lines 31-35]. 

1 0. As to claim 7, Montague teaches a method for regulating access to an 
object where the relationship characteristics (i.e., access permissions) include a 
trust relationship between the trusted user and the designating user, wherein the 
trust relationship limits the objects (i.e., specific entity) the trusted user may 
access [col. 6, lines 41-46]. 

11. As to claim 8, Montague teaches a method for regulating access to an 
object where the trust relationship (i.e., access rights) is limited to types of 
objects (i.e., entity) [col. 6, lines 44-46]. 

12. As to claim 9, Montague teaches a method for regulating access to an 
object where the trust relationship is limited to selected of objects [col. 6, lines 
44-46]. 
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1 3. As to claim 1 3, Montague teaches a method for regulating access to an 
object where the relationship characteristics (i.e., access permission) include a 
trust relationship between the trusted user and the designating user and wherein 
the trust relationship specifies a maximum number of relationships (i.e., 
permission pair)on a path [par. 6, lines 56-60]). 

14. As to claim 14, Montague teaches a method for regulating access (i.e. 
permission) to an object the maximum number of relationships (i.e., permission 
pair) is one [par. 6, lines 56-60]. 

1 5. As to claim 1 5, Montague teaches a method of regulating access to an 
object, the method comprising the steps of: identifying an object (i.e., specific 
entity) or a set of objects to which access is to be regulated (i.e., access rights) 
[col. 6, lines 43-46]; identifying (i.e., specify) an owner (i.e., trustee) that has 
control of the object(s) [col. 6, lines 31-35]; identifying (i.e., define) an a 
relationship path (i.e., permission) which would othenA/ise be a valid path [col. 6, 
lines 56-60]; allowing (i.e., define) each relationship element to specify the 
maximum number of subsequent elements (i.e., possible trustee) in the path [col. 
6, lines 56- 60]; and classifying (i.e., capability to modify) that relationship path 
(i.e., access rights) as invalid if for any element in that path the number of 
subsequent elements (i.e., list of trustees) in the path (i.e., access rights) 
exceeds the limit (i.e. list) specified by that element (i.e., user) (i.e., Montague 
teaches a user can only effect trustee access rights (e.g., relationship path) that 
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is on the list. [col. 3, lines 10- 20] Thus the list of trustee defines a pre- 

deternnined number of trustees (i.e., subsequent elements)), such that access to 
the objects(s) is prohibited for all relationship elements in the path and only the 
owner can access the object(s) (i.e., ... teaches enabling the user to selectively 
control permission to access objects [fig. 5]). 

16. As to claim 18, Montague teaches a method for regulating access to an 
object where the owner (i.e., operating system/server) of an object may 
designate another user (i.e., trustee) as acting on behalf of the owner (i.e., 
operating system/server) [col. 6, lines 31-35]. 

1 7. As to claim 1 9, Montague teaches a method for regulating access to an 
object where the relationship path includes a plurality of relationship 
characteristics and at least one relationship characteristic includes a trust 
relationship between the trusted user (i.e., trustee) and the designating user (i.e., 
operating system/server), where the trust relationship limits the tasks (i.e., 
access permission) the trusted user may perform [col. 6, lines 31-35]. 

1 8. As to claim 20, Montague teaches a method for regulating access to an 

object where the relationship path includes a plurality of relationship 
characteristics and at least one relationship characteristic includes a trust 
relationship between the trusted user (i.e., trustee) and the designating user (i.e.. 
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operating system/server), where the trust relationship limits the objects the 
trusted user may access [col. 6, lines 31-35]. 

1 9. As to claim 21 , Montague teaches a method for regulating access to an 
object where the trust relationship is limited to types of objects (i.e., specific 
entity) [col. 6, lines 43-46]. 

20. As to claim 22, Montague teaches a method for regulating access to an 
object where the trust relationship is limited to selected of objects [col. 6, lines 
43- 46]. 

Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for 
all obviousness rejections set forth in this Office action: (a) A patent may not be 
obtained though the invention is not identically disclosed or described as set forth 
in section 102 of this title, if the differences between the subject matter sought to 
be patented and the prior art are such that the subject matter as a whole would 
have been obvious at the time the invention was made to a person having 
ordinary skill in the art to which said subject matter pertains. Patentability shall 
not be negatived by the manner in which the invention was made. 
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21 . Claims 10-12 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Montague in view of Nagel et al (US Patent No. 7,181 ,017 and Nagel 

hereinafter). 

22. As to claim 10-12, the system disclosed by Montague shows substantial 
features of the claimed invention (discussed in the paragraph above), it fails to 
disclose: 

A method for regulating access to an object where the relationship 
characteristics include a distrusted relationship between the distrusted user and 
the designating user (claim 10). 

A method for regulating access to an object where the distrusted 
relationship has an intermediary scope (claim 11 ). 

A method for regulating access to an object where the distrusted 
relationship has an terminal scope (claim 12). 

However, these features are well known in the art and would have been an 
obvious modification of the system disclosed by Montague as introduced by 
Nagel. Nagel discloses: 

A method for regulating access to an object where the relationship 
characteristics include a distrusted relationship between the distrusted user and 
the designating user (claim 10) (to provide a regulatory relational access to 
objects [fig. 3]). 
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A method for regulating access to an object wliere the distrusted 
relationship has an intermediary scope (claim 1 1) (to provide a intermediary 
relationship [320, 310, 330, 341,342 fig. 3]). 

A method for regulating access to an object where the distrusted 
relationship has an terminal scope (claim 12) (to provide a terminal relationship 
[320, 340, 330 fig. 3]). 

Therefore, given the teachings of Nagel, a person having ordinary skill in the art 
at the time of the invention would have recognized the desirability and advantage 
of modifying Montague by employing the well known features of intermediary and 
terminal relationships disclosed above by Nagel, for which object accessibility will 
be enhanced [fig. 3]. 

23. Claims 2, 3, 16, 17, 24, and 25 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Montague in view of Auer et al (US Patent No. 
20030191946 and Auer hereinafter). 

24. As to claim 2 and 3, the system disclosed by Montague shows substantial 
features of the claimed invention (discussed in the paragraph above), it fails to 
disclose: 

A method for regulating access to an object where the relationship 
characteristics include one or more conditions such that the relationship 
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characteristics are valid if and only if the one or more conditions are met (claim 
2). 

A method for regulating access to an object where the relationship 
characteristics include one or more methods of determining a condition such that 
the relationship is valid if and only if the one or more methods of determining a 
condition confirm validity of the relationships characteristic (claim 3). 

However, these features are well known in the art and would have been an 
obvious modification of the system disclosed by Montague as introduced by 
Auer. Auer discloses: 

A method for regulating access to an object where the relationship 
characteristics include one or more conditions such that the relationship 
characteristics are valid if and only if the one or more conditions are met 
(claim 2) (to provide entity relationship validation means base on pre-defined 
conditions [fig. 7]). 

A method for regulating access to an object where the relationship 
characteristics include one or more methods of determining a condition such that 
the relationship is valid if and only if the one or more methods of determining a 
condition confirm validity of the relationships characteristic (claim 3) (to provide 
entity relationship validation means base on pre-defined conditions [fig.7]). 

Therefore, given the teachings of Auer, a person having ordinary skill in the art at 
the time of the invention would have recognized the desirability and advantage of 
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modifying Montague by employing the well known features of entity relationship 
validation disclosed above by Auer, for which relationships between entities will 
be enhanced [fig .7]. 

25. As to claim 16 and 17, the system disclosed by Montague shows 
substantial features of the claimed invention (discussed in the paragraph above), 
it fails to disclose: 

A method for regulating access to an object where relationship path 
includes a plurality of relationship characteristics and at least one relationship 

characteristic includes one or more conditions such that the relationship 
characteristics are valid if and only if the one or more conditions are met (claim 
16). 

A method for regulating access to an object where the relationship path 
includes a plurality of relationship characteristics and at least one relationship 
characteristic includes one or more methods of determining a condition such that 
the relationship is valid if and only if the one or more methods of determining a 
condition confirm validity of the relationships characteristic (claim 17). 

However, these features are well known in the art and would have been an 
obvious modification of the system disclosed by Montague as introduced by 
Auer. Auer discloses: 



Application/Control Number: 1 0/521 ,933 Page 1 3 

Art Unit: 2431 

A method for regulating access to an object wliere relationslnip path 
includes a plurality of relationship characteristics and at least one relationship 
characteristic includes one or more conditions such that the relationship 
characteristics are valid if and only if the one or more conditions are met (claim 
16) (to provide entity relationship validation means base on pre-defined 
conditions [fig. 7]). 

A method for regulating access to an object where the relationship path 
includes a plurality of relationship characteristics and at least one relationship 
characteristic includes one or more methods of determining a condition such that 
the relationship is valid if and only if the one or more methods of determining a 
condition confirm validity of the relationships characteristic (claim 17) (to provide 
entity relationship validation means base on pre-defined conditions [fig.7]). 

Therefore, given the teachings of Auer, a person having ordinary skill in the art at 
the time of the invention would have recognized the desirability and advantage of 
modifying Montague by employing the well known features of entity relationship 
validation disclosed above by Auer, for which relationships between entities will 
be enhanced [fig.7]. 

26. Claim 24 (cancel) 

27. As to claim 25, Montague teaches a method of regulating access to an 
object, the method comprising the steps of: 



Application/Control Number: 1 0/521 ,933 Page 
Art Unit: 2431 

identifying an object or a set of objects to wliicli access is to be regulated 
[col. 6, lines 43-46]; identifying an entity that has control of the object(s) [col. 6, 

lines 31-35]; 

identifying an a relationship path which would otherwise be a valid path 
[col. 6, lines 56-60]; 

whereby the invalid path prohibits access of the object(s) by any element 
on the path and only an owner of the object or set of objects has access to the 
objects(s) (i.e., ...teaches a system determines if the trustee identified by the 
user is valid on the entity, i.e., does the trustee have access permissions on the 
server just identified. ... teaches If not, a block 204 returns an indication that the 
trustee is invalid [col. 12, lines 45-55]) 

Montague does not expressly teach: 

defining a distrust relationship as the designation of a distrustee as 
distrusted by a distrustor; 

specifying for each distrust relationship a set of zero or more conditions 
and/or a set of zero or more methods of determining a condition such that the 
relationship is valid if and only if the said set of conditions is (are) met and/or the 
method(s) of determining a condition confirm(s) validity; 

and classifying that relationship path as invalid if for any element in that 
path the grantee of that element is the distrustee of the distrust relationship. 
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However, these features are well known in the art and would have been an 
obvious modification of the system disclosed by Montague as introduced by 
Auer. Auer discloses: 

defining a distrust relationship as the designation of a distrustee as 
distrusted by a distrustor (to provide entity relationship definition capability 
[fig-7]); 

specifying for each distrust relationship a set of zero or more conditions 
and/or a set of zero or more methods of determining a condition such that the 
relationship is valid if and only if the said set of conditions is (are) met and/or the 
method(s) of determining a condition confirm(s) validity (to provide entity 
relationship validation means base on pre-defined conditions [fig. 7]); 

and classifying that relationship path as invalid if for any element in that 
path the grantee of that element is the distrustee of the distrust relationship (to 
provide entity relationship validation means base on pre-defined conditions 
[fig-7]).). 



Therefore, given the teachings of Auer, a person having ordinary skill in the art at 
the time of the invention would have recognized the desirability and advantage of 
modifying Montague by employing the well known features of entity relationship 
validation disclosed above by Auer, for which relationships between entities will 
be enhanced [fig.7]. 
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28. Claim 23 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
Montague in view of Sadjadi (US Patent No. 6,850,938). 

29. As to claim 23, Montague teaches a method of resolving a conflict 
regarding a specified access to an object, the method comprising the steps of: 

identifying a set of entities that have control of the object(s) [col. 6, lines 
43- 46]; 

defining an event of access conflict as a condition wherein one or more 
entity relationship(s) would grant the specified access to the object(s) and one or 
more entity relationship(s) would deny the specified access to the object(s) [col. 
3, lines 17-27]; defining one or more classes of relationships (i.e., access types) 
between the object(s) and controlling entities [col. 6, lines 56-60]; 

Montague does expressly teach: 

defining an equivalent class resolution rule for event(s) of access conflict 
wherein the controlling entity relationships for one or more relationship class to 
the object would grant the specified access and the controlling entity 
relationships for one or more relationship class with the same level and the class 
relationship hierarchy would deny the specified access to the object(s); 

defining a within class resolution rule for event(s) of access conflict 
wherein the conflict arises among multiple entities which have the same class of 
relationship to the object(s); 
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and allowing or disallowing the specified access to the object(s) based on 

the entity relationship(s) based on the highest level class relationship to the 
object, the within class resolution rule, and the equivalent class resolution rule, 
defining a hierarchy for the classes of object-entity relationships that is used to 
establish precedence in the event of an access conflict; 

However, these features are well known in the art and would have been an 
obvious modification of the system disclosed by Montague as introduced by 
Sadjadi. Sadjadi discloses: 

defining an equivalent class resolution rule for event(s) of access conflict 
wherein the controlling entity relationships for one or more relationship class to 
the object would grant the specified access and the controlling entity 
relationships for one or more relationship class with the same level in and the 
class relationship hierarchy would deny the specified access to the object(s) (to 
provide access conflict resolution [fig. 1]); 

defining a within class resolution rule for event(s) of access conflict 
wherein the conflict arises among multiple entities which have the same class of 
relationship to the object(s) (to provide access conflict resolution [fig. 1]); 

and allowing or disallowing the specified access to the object(s) based on 
the entity relationship(s) based on the highest level class relationship to the 
object, the within class resolution rule, and the equivalent class resolution rule (to 
provide access conflict resolution [fig. 2a - fig. 2c]). 
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defining a hierarchy for the classes of object-entity relationships that is 
used to establish precedence In the event of an access conflict (to provide 
access conflict resolution [fig. 2a - fig. 2c]); 

Therefore, given the teachings of Sadjadi, a person having ordinary skill in the art 
at the time of the invention would have recognized the desirability and advantage 
of modifying Montague by employing the well known features of object access 
conflict resolution disclosed above by Sadjadi, for which object accessibility will 
be enhanced [fig. 1]. 

Response to Arguments 

30. Applicant's arguments filed 6/25/2008 have been fully considered but they 
are not persuasive. Examiner respectfully draws applicant's attention to examiner 
comment below. 

Applicant 102 arguments: 

31 . Applicant argues prior art reference offer architecture in which" wherein 
said path includes at least one additional user beside said owner of the 
object and the selected one of the plurality of users, and access to the 
object for the additional user is granted by the selected one, and wherein 
the additional user defines additional relationship characteristics then 
grant access to additional object being held by the additional user" 



Application/Control Number: 1 0/521 ,933 Page 1 9 

Art Unit: 2431 

Examiner submits line one Montague's abstract teaches controlling acces 
to entities (i.e., additional object). With regards to further defining permission 
access Montague teaches in figure 5, the capability to define permission access 
to additional users. With regards to additional user possessing the ability to 
control access to additional objects, Montague teaches access type of "full 
control [col. 7, lines 50-60]. Montague teaches user access type of "full control' 
allows the user the capability to change access permission for objects. 

32. Applicant argues the teaching of Montague does offer, "and classifying 
that relationship path as invalid if for any element in that path the number 
of subsequent elements in the path exceeds the limit specified by that 
element, such that access to the objects(s) is prohibited for all relationship 
elements in the path and only the owner can access the object(s) ". 

Examiner submits Montague teaches in figure 5, user ability to control 
(i.e., allow/prohibit) access for everyone (i.e., all) for which will only allow object 
access to user. 

Applicant 103 argument: 

33. Applicant argues no reference of record provides for "allowing or 
disallowing that specified access to the object(s) based on the entity 
relationship(s) based on the highest level class relationship to the object , 
the within class resolution rule and the equivalent class resolution rule" 
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Examiner submits the teaching of Montague, specifically column 5, lines 
60-67 thru column 6, lines 1-5 teaches a high level API (i.e. relationship), a 
access permission (i.e. rule) and user specific implementation (i.e., equivalent 
class resolution rule). 

34. Applicant argues no reference of record provides for " classifying that 
relationship path as invalid if for any element in that path the number of 
subsequent elements in the path exceeds the limit specified by that 
element, such that access to the objects(s) is prohibited for all relationship 
elements in the path and only the owner can access the object(s) ". 

Examiner submits Montague teaches in figure 5, user ability to control 
(i.e., allow/prohibit) access for everyone (i.e., all) for which will only allow object 
access to user. 

Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection 
presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. 
See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as 
set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire 
THREE MONTHS from the mailing date of this action. In the event a first reply is 
filed within TWO MONTHS of the mailing date of this final action and the advisory 
action is not mailed until after the end of the THREE-MONTH shortened statutory 
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period, then the shortened statutory period will expire on the date the advisory 
action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be 
calculated from the mailing date of the advisory action. In no event, however, will 
the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 



Contact Information 

Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to BRYAN WRIGHT whose telephone number is 
(571)270-3826. The examiner can normally be reached on 8:30 am - 5:30 pm 
Monday -Friday. 

If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, AYAZ Sheikh can be reached on (571 )272-3795. The fax 
phone number for the organization where this application or proceeding is 
assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from 
the Patent Application Information Retrieval (PAIR) system. Status information 
for published applications may be obtained from either Private PAIR or Public 
PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see http://pair- 
direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll- 
free). If you would like assistance from a USPTO Customer Service 
Representative or access to the automated information system, call 800-786- 
9199 (IN USA OR CANADA) or 571-272-1000. 



/BRYAN WRIGHT/ 
Examiner, Art Unit 2431 

/Christopher A. Revak/ 
Primary Examiner, Art Unit 2431 



